Issue #21739 has been updated by Nigel Kersten. Status changed from Unreviewed to Needs More Information
---------------------------------------- Bug #21739: puppet cert generate on a new host may leave the host unable to initialize ssl https://projects.puppetlabs.com/issues/21739#change-98349 * Author: Josh Partlow * Status: Needs More Information * Priority: Normal * Assignee: Josh Partlow * Category: SSL * Target version: 3.x * Affected Puppet version: 3.2.3 * Keywords: * Branch: ---------------------------------------- Filing this ticket to track some additional work needed on an acceptance test defining behavior around `puppet cert generate` (acceptance/tests/ssl/puppet_cert_generate_and_autosign.rb) The issue has to do with behavior of the host in Case 3 "A host with no ssl infrastructure makes a `puppet cert generate foo` call". A host in this situation gets CA ssl infrastructure set up and creates and signs a cert 'foo' as requested. (Whether or not this behavior is desirable is an open question). After having made the generate call, testing locally on Ubuntu 13.04, I found that a `puppet agent -t` call then failed with an "Error: The certificate retrieved from the master does not match the agent's private key." The test originally documented this behavior, but when run through the acceptance harness on our Jenkins build, the failure to complete a `puppet agent -t` was only found on Lucid and Fedora. On RHEL, and Centos, `puppet agent -t` succeeded. It is unclear if this is a platform issue, or peculiar to puppet setup steps in the version of the acceptance-harness being used in our current jenkins builds (65b8f5cf913192dafbf2bda8a9a32cadee54398a) -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/groups/opt_out.
